Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the whois command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Puppet_Master Webutil 'webutil.pl'远程whois指令执行漏洞
Vulnerability Description
WebUtil是一个简单易用的网络工具,能够通过浏览器显示如ping,traceroute,WHOIS查询,主机上线时间,日历,DNS查询,主机,Nslookup等标准网络及主机信息。 Puppet Master WebUtil 2.3版本中的cgi-bin/webutil.pl允许远程攻击者借助whois指令中的shell元字符,执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A